Overview

overview

5

Static

static

7da6ce5c60...51.exe

windows7_x64

5

7da6ce5c60...51.exe

windows10_x64

5

Analysis

  • max time kernel
    135s
  • max time network
    98s
  • platform
    windows10_x64
  • resource
    win10v200430
  • submitted
    30-06-2020 12:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7da6ce5c60e94d120a8f7f3d66f63451.exe

  • Size

    303KB

  • MD5

    7da6ce5c60e94d120a8f7f3d66f63451

  • SHA1

    9d011ad4f2de2b39a026ce94e1c5fe7a813b32f5

  • SHA256

    489d3efd8b97c389697e1851b7c4351b28725dca02d2550b2c4e3770d747bc97

  • SHA512

    ac2593481fa74f44a8957060a5264d21194b9deb513344bc2fcf927e095a1ad71db2265b16fc33be512369abad6c727d8ae9ad349005d93a376e4c1dce6871c6

Score
5/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 6 IoCs
  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7da6ce5c60e94d120a8f7f3d66f63451.exe
    "C:\Users\Admin\AppData\Local\Temp\7da6ce5c60e94d120a8f7f3d66f63451.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    • Suspicious use of SetThreadContext
    PID:3944
    • C:\Users\Admin\AppData\Local\Temp\7da6ce5c60e94d120a8f7f3d66f63451.exe
      "{path}"
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:2072

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2072-0-0x0000000000400000-0x000000000042D000-memory.dmp
    Filesize

    180KB

    Download
  • memory/2072-1-0x000000000041E320-mapping.dmp
    Download